A: TippingPoint IPS devices inspect all traffic as long as said traffic is NOT encrypted. By definition, SSL traffic is encrypted, so while the IPS cannot inspect the traffic it will attempt to do so thus causing additional load on the system.

Details

Public

Note: It is a recommended best practice to utilize inspection bypass rules to bypass encrypted traffic. This is recommended because the IPS cannot inspect encrypted traffic and attempting to do so can impact performance and cause unnecessary CPU processing load.

Note: If SSL traffic inspection is required, TippingPoint offers the Threat Protection System (TPS) devices. The TPS devices (with appropriate SSL license) decrypt SSL traffic between clients and site servers and sends the decrypted traffic to the IPS device for analysis. After inspection the SSL traffic is re-encrypted and sent on its way.

Premium

Internal

Rating:

Category:

Configure; Troubleshoot; Deploy

Solution Id:

TP000086707

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

Please select at least one problem in this article.

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

Please input other problems.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

Please input your email.

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

Geolocation Notification

Please approve access on GeoIP location for us to better provide information based on your support region.
If your location now is different from your real support region, you may manually re-select support region
in the upper right corner or click here.